4 matches found
How to Find Local File Inclusion (LFI) Vulnerabilities in WordPress Plugins and Themes
Local File Inclusion LFI occurs when user-controlled input is used to build a path to a file that is then included by the application. In WordPress and PHP web applications in general, this means values from $GET, $POST, $REQUEST, or other user-controlled sources end up in the include, require,...
Piwigo Security Breach
Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo versions prior to 14.3.0, which stems from a cross-site scripting vulnerability due to a lac...
Serendipity include/functions_entries.inc.php SQL Injection Vulnerability
Serendipity is a WEB application. Serendipity include/functionsentries.inc.php suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...
CVE-2008-1962
Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 class parameter to include/functions.inc.php and the 2 file parameter to include/common.inc.php...